A security group rule allows ingress traffic from multiple public addresses
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | networking |
| Provider | OpenStack |
| Vulnerability Type | misconfiguration |
Description#
The security group rule permits ingress traffic from multiple public IP addresses or broad ranges, exposing services to the open internet instead of restricting access to specific, trusted sources. This configuration increases the attack surface by allowing connections from any public location.
Impact#
Attackers can attempt unauthorized access, exploit vulnerabilities, or launch attacks (such as brute force or scanning) against exposed resources. This can lead to data breaches, service disruption, or compromise of infrastructure, putting the application’s security and availability at risk.
Resolution#
Employ more restrictive security group rules